Pedro Sousa

This commit performs a **documentation update** across the **Client-Side Security** module, standardizing product availability messaging. It changes references from "Enterprise plan with a paid add-on" (or similar variations) to "Client-Side Security Advanced" or "Customers with Client-Side Security Advanced." This **maintenance** task clarifies the required product tier for various features, alerts, detection methods, and rules within the client-side security offering. The changes span numerous documentation files under `src/content/docs/client-side-security/`, as well as notification configurations and plan definitions, ensuring consistent messaging for users regarding feature access.

This commit **updates the documentation** for the **WAF Rate Limiting rules** to clarify the availability of a specific configuration parameter. It adds crucial information to `src/content/docs/waf/rate-limiting-rules/parameters.mdx` regarding when the 'Also apply rate limiting to cached assets' option is accessible to users based on their Cloudflare plan. This **documentation enhancement** ensures that users understand the plan-based restrictions for this feature, preventing potential confusion or misconfiguration. The change primarily impacts users consulting the **WAF Rate Limiting** documentation, providing a more accurate and complete understanding of the product's capabilities.

This commit provides **documentation updates** for the **Client-side Security** feature, specifically detailing the new **LLM-assisted false positive reduction** in **malicious script detection**. It updates the `malicious-script-detection.mdx` guide to explain how Large Language Models are used to improve detection accuracy and mentions the use of open-source models. Additionally, a new entry is added to `client-side-security.yaml` to highlight this enhancement in the release notes. This **documentation and release note update** ensures users are informed about the improved reliability and reduced false positives within the platform's security capabilities.

This commit provides a crucial **documentation fix** within the **Rules** subsystem, specifically addressing the stated size limits for **RFC 9440 mTLS client authentication certificates**. It updates the description for the `cf.tls_client_auth.cert_rfc9440_too_large` field, clarifying that the **leaf certificate** encoding limit is **10 KB**, not 16 KB, while the overall chain limit correctly remains 16 KB. This **maintenance** ensures that users relying on the documentation for mTLS certificate requirements receive accurate information. The changes are reflected in the changelog and field definitions, preventing potential misconfigurations or confusion regarding certificate size constraints.

This commit introduces **new capabilities** to the **Ruleset Engine** by adding support for **RFC 9440 mTLS certificate fields**. It defines new fields such as `cf.tls_client_auth.cert_rfc9440` and `cf.tls_client_auth.cert_chain_rfc9440` within the system's field index, along with corresponding `_too_large` variants. This enhancement allows **Transform Rules** to leverage these specific mTLS certificate details for advanced rule logic and filtering. A corresponding changelog entry has also been added to document this significant update for users, providing clear information on the new fields available.

This commit introduces a **new feature** by adding a unique identifier to the **Dynamic Workers** configuration. Specifically, it updates the `src/content/directory/dynamic-workers.yaml` file to include an `id` field with the value `N4xJ6K`. This enhancement provides a distinct identifier for the dynamic workers, which is crucial for internal referencing or management within the system. The change is confined to the configuration layer, establishing a foundational element for future features that might rely on unique worker identification.

This commit provides a crucial **documentation update** within the **WAF section** to reflect the complete **sunset** and unavailability of **old Cloudflare Rate Limiting rules**. It updates several `mdx` files, including `src/content/docs/waf/concepts.mdx` and `src/content/docs/waf/rate-limiting-rules/index.mdx`, to change the status of these legacy features from "deprecated" to "no longer available." Specifically, the `src/content/docs/waf/reference/legacy/old-rate-limiting/upgrade.mdx` guide is updated to confirm the upgrade process is complete and to clarify the status of the associated old API and Terraform resources. This **maintenance** ensures that user-facing documentation accurately communicates the current state of rate limiting features, guiding users away from obsolete systems.

This commit **updates the support documentation** for **Cloudflare error 1009** within the `error-1009.mdx` file. It **clarifies the resolution steps** by providing distinct, targeted instructions for both site visitors and site owners. This **documentation improvement** aims to enhance the user experience by making troubleshooting more straightforward and effective for individuals encountering this specific error. The change directly impacts the **troubleshooting guides** available to users seeking assistance with Cloudflare 1xxx errors.

This commit **updates the support documentation** for **Cloudflare Error 1015**, which indicates rate limiting. It specifically refines the resolution steps and updates relevant rate limiting links within the `error-1015.mdx` file. This **documentation maintenance** ensures that users encountering this error have access to the most current and accurate information, thereby improving their ability to troubleshoot and resolve rate limiting issues.

This commit delivers extensive **documentation updates** across various **WAF (Web Application Firewall) features**, primarily aimed at improving clarity and simplifying complex explanations. It refines content for **account-level WAF configuration**, **rate limiting rulesets**, **Security Analytics and Events**, the **WAF changelog**, **custom rules and rulesets**, and **WAF lists**. These **maintenance** updates clarify evaluation orders, deployment instructions, tracking models, search behaviors, and the relationships between different WAF components. The overall goal is to enhance user understanding and make the WAF documentation more accessible and comprehensive for all users.

This commit introduces a **new glossary entry** for the term 'terminating action' within the **Ruleset Engine** product, defined in `src/content/glossary/ruleset-engine.yaml`. It **enhances documentation clarity** by integrating this definition into existing articles, specifically `src/content/docs/bots/additional-configurations/custom-rules.mdx` and `src/content/docs/waf/feature-interoperability.mdx`. This **documentation improvement** utilizes the `GlossaryTooltip` component to provide on-demand explanations, ensuring a more consistent and understandable user experience for complex ruleset configurations. This **maintenance** task helps users quickly grasp the meaning of critical terms, improving overall comprehension of the platform's features related to **Bots** and **WAF**.

This commit delivers significant **documentation updates** for the **WAF (Web Application Firewall)**, aiming to simplify complex concepts. It provides **clarifications** for core `WAF` concepts like rulesets, the distinction between detections and mitigations, and rule execution order. Furthermore, it substantially improves explanations for various **detection mechanisms**, including `AI Security for Apps`, `Attack Score`, `Leaked Credentials`, and `Malicious Uploads`. These **maintenance** updates enhance user understanding of how detections function, how to interpret their results, and how to effectively leverage their fields within `Security Analytics` and custom rules.

This commit introduces a **new availability table** within the **WAF documentation** (`waf/index.mdx`) to provide a comprehensive overview of various WAF features and their support across different Cloudflare plans. It also includes a specific **documentation update** for the `AI Security Log Mode Ruleset` and `AI detection fields` (`ai-security-for-apps/index.mdx`), clarifying their availability for Enterprise plans as a 'Paid add-on' instead of a standard inclusion. This **documentation update** enhances the accuracy and clarity of product information for users exploring Cloudflare's Web Application Firewall capabilities.

This commit provides a significant **documentation update** for the **WAF module**, reflecting a **change in feature availability** based on new product SKUs. It primarily updates the plan requirement for numerous **WAF features**—such as custom rulesets, managed rulesets, rate limiting, payload logging, and sensitive data detection—from 'Enterprise with paid add-on' to simply the 'Enterprise' plan. This **documentation update** makes these advanced WAF capabilities more accessible to **Enterprise plan customers** by removing the need for an additional paid add-on. Additionally, it includes minor documentation reformatting, clarifies availability for features like custom detection locations for leaked credentials, and adds a feature table for IP Access rules.

This commit provides a **documentation fix** for the **WAF (Web Application Firewall)** section, specifically within the **Rate Limiting Rules best practices** guide. It corrects a typo in an example rate-limiting rule found in `src/content/docs/waf/rate-limiting-rules/best-practices.mdx`. The example now accurately increments the counter for response status codes `403` and `404`, instead of the previously incorrect `401` and `403`. This **maintenance** update ensures that users configuring WAF rate-limiting rules are provided with correct and effective examples, improving the overall accuracy of the documentation.

This commit **enhances the clarity and consistency of the Web Application Firewall (WAF) documentation** by providing important **OWASP clarifications**. It **improves user guidance** by making the **false positives warning more prominent** and reusable across relevant pages through a new partial component, `owasp-false-positives-warning.mdx`. Additionally, the **specific OWASP Core Rule Set (CRS) version number is now explicitly stated** in the reference documentation, offering better context for users. This **documentation update** ensures critical information is easily accessible and consistent throughout the WAF section, particularly for users interacting with OWASP rules.

This commit **enhances the project's documentation** by adding a new section to the **style guide**. Specifically, it introduces details about **reserved Autonomous System Numbers (ASNs)** within the `src/content/docs/style-guide/formatting/example-values.mdx` file. This **content addition** aims to provide clear guidelines for using ASNs in examples, ensuring consistency and accuracy across the project's documentation. It helps contributors understand which ASNs are reserved and how to represent them correctly, improving the overall quality and precision of network-related examples.

This commit **updates the documentation style guidelines** within the `style-guide` module, specifically refining the content strategy for `steps-tasks-procedures`. It provides clearer guidance on the use of **list markers** and standardized **feature toggling terminology** for technical writers. This **maintenance** work enhances consistency and improves the overall quality of the project's documentation by clarifying content creation standards in `src/content/docs/style-guide/documentation-content-strategy/component-attributes/steps-tasks-procedures.mdx`.

This commit performs a **documentation maintenance** task by standardizing terminology across various Cloudflare product guides. It **replaces all instances of "Orange-to-Orange" with the abbreviated "O2O"** to ensure consistent language and improve readability. This change affects documentation for key features such as **Cloudflare for Platforms (SaaS)**, **Workers**, **Cache**, **DNS**, **Data Localization**, **Logs**, and **SSL**. The update aims to provide a more uniform and professional user experience by eliminating redundant full spellings and promoting the widely recognized acronym.

This commit delivers a significant **documentation update** to clarify the **interoperability and execution order** of various **Cloudflare app security features**. It introduces a new comprehensive page `waf/feature-interoperability.mdx` detailing these interactions, alongside a new partial `waf/app-security-interoperability.mdx`. Existing documentation for **WAF**, **Bot Management**, and general **security rules** is updated with new sections explaining how features like Custom Rules, Managed Rules, and Rate Limiting interact. This **maintenance** work aims to improve user understanding of complex security configurations, enabling more effective deployment and troubleshooting of Cloudflare's security offerings.